Three steps forward, 2 steps back, we should be stable.
Nerd stuff: We upgraded our infrastructure, again. We moved from a copper to a fiber backbone. Server links are now up to 25Gbit/second. Everything went smoothly until we started our final tests. It appears that the new switch defaulted ports in the wrong direction.
This default blocked traffic from our distributed network file system. The switch has been beaten into submission, and is now performing its duties correctly.
It has been difficult for me since my Father passed. It isn’t that I interacted with him that much, it is that the safety net is gone. In addition, it turns out that my brother is pretty darn evil.
This is as close as I’ve come to talking about his actions in public.
In the midst of this, a client I work with stepped up as a friend. The 30 minutes of dumping and ranting made things a little better.
Thank you my friend.
I started doing network administration in 1985 time frame. We were using 10base2 and X.25. Most of our equipment communicated with the mainframes via 9600 baud connections.
Having blazing fast 5Mb connections was spectacular. We used NFS extensively.
Our long haul communications were done via a 56Kbit connection.
When I started work in Maryland, we were still using 10base2 with a few 10baseT hubs. It was “fast enough”.
Later, some of our machines started showing up with high-speed networking, 100baseT. With jumbo packets, we were starting to get there.
Still later, we started using Fiber, this got us up to around 155Mb. This meant, for the first time, our network was faster than our local drives. Using NFS was no longer a bottleneck, for those machines that were fiber attached to each other.
The house network has been a 1Gbit network for a few years. I found out in the last couple of weeks that my primary machine is actually 2.5Gbit. Unfortunately, all the switches and routers in the house top out at 1Gbit.
Today I installed my first 10Gbit switch. It has 4 2.5Gbit RJ45 ports and 2 10Gbit SFP+ ports. This has 3 ceph nodes plugged into it. Those nodes will get NIC upgrades in the future to take them up to 10Gibit speeds.
I have one SFP+ module, it is a 10Gbit RJ45 connector. This means that it connects back to the main house switch at 10Gbit. The main house switch only supports 1Gbit today.
So what is the plan? I will be deploying a dual network system in the house. The server boxes/nodes will have 10Gbit NICs in them, each with two ports. One will connect to the high-speed network, the other to the 1Gbit network.
The 10Gbit net will handle all the Ceph and Docker traffic. Locally mounted ceph file systems will use the loop back connection, or they will be attached to the 10Gbit network.
This will make the ceph file systems seem much faster.
This will be accomplished with 3 4+2 switches and one 8 SFP+ switch. It should all just work.
Except, I had to learn all about fiber. I’ve decided to connect these switches with fiber. After far too many pages of documentation, I’ve decided on LC to LC connectors on OM4 cables. Some cables will be rated for outdoor, underground. This is basically an armored cable. The others will be properly rated for the areas they are in.
According to my reading, these OM4 cables should be good to around 40Gbit with the right transceivers and switches.
I’m getting disgusted by leftist idiots thinking that everything is Trump’s fault. Somebody shoots Trump? It is his nasty words and tweets that are the cause. Somebody sets up an ambush for Trump? His fault for pointing out that illegal immigrants are eating pets.
Trump is doing a meet and greet at a grocery store. The lady checking out loses track of the total and goes over budget. Trump peels off some bills and hands it to the cashier to take care of that lady’s shortfall, as well as others in the store.
The left accuses him of buying votes.
The Supreme Court respects the law, the outcome-driven leftists on the court spit and sputter and the left screams that Trump, who is too stupid to tie his shoes, foresaw these cases and picked justices to rule in this way, per his bidding.
If Trump were to run into a burning building to save a child, the media, and the left would scream he was stealing jobs from hardworking Firefighters.
In the same vain, a group representing the immigrants in Springfield, Ohio have filed suit against Trump and Vance for defaming the poor hardworking immigrants.
Note, they are “legally” in Springfield because they entered the US via a port of entry and claimed asylum.
Take a look at —HVGIQ: Haiti, Human Varieties, (last visited Sep. 27, 2024) to see the probable quality of these immigrants.
This is getting old. Trump is currently averaging two assassination attempts per month. This does count Iran posting a fantasy about how they are going to use their super high-tech equipment to kill Trump.
Ally was doing her look through Craig’s list and such when she noticed that somebody was giving away a floor loom.
We are now the proud owners of a 4 shaft, 6 treadle 40″ floor loom in excellent shape. We will need to replace the reed, get some shuttles, and make a raddle and then dress the loom.
I will need to dig up my weaving books and likely purchase a few. Ally wants to make some period dishrags and a Hudson Blanket. Both of those sound like fun projects.
I’ve been fighting some new infrastructure and deployment things. In physical premises, we use physically different networking gear for isolation and redundancy. If we want to get fancy, we can set up VPCs and pretend that one physical network is multiple logical networks.
I’ve been using VLANs to accomplish the isolation I want.
On the cloud, I would like to use VPCs. The datacenter I use doesn’t support VPCs. They do offer VLANs. I choose to use them.
The magic of their VLAN is that you create them on the fly. In the GUI, you say “attach a VLAN to interface ETH1”. It then asks you to name the VLAN. All other nodes then use the same name, and they are added to the same VLAN.
The downside is that there is no explicit method to delete a VLAN. If all nodes that were using the VLAN detach the VLAN, then the VLAN is deleted.
For testing, I have a script that deletes all my nodes and all the volumes associated with those nodes. This only takes a few minutes to run.
After I verify that the nodes and volumes are gone, I can start the ansible script to provision the needed nodes, configure them, boot them, configure the OS, install ceph on 4 nodes, docker swarm on 3, and then install the database engines.
Pretty cool. The process of provisioning an instance includes saying that I want a VLAN with a particular tag.
When I ran the playbooks, everything worked correctly. Except that one of my nodes refused to talk to the other nodes on the VLAN.
After escalating, it turns out that some nodes were attached to the old VLAN, which was in the process of being deleted, and the others were in the new VLAN.
It is my belief this was cased by a race condition. Some nodes were assigned the old VLAN while the VLAN was being deleted. The other nodes requested the old VLAN and instead were granted a new one, with the same name as the old one.
*ARGH.* That was many wasted hours.
Another week. What is your favorite childhood food? That dish that takes you back to a happy childhood memory.
The New York Times, a “newspaper” and “trusted media source” was out there downplaying the second assignation attempt on Trump.
They do such a good job of lying. Kamala should take lessons from them. They used air quotes to imply that the assignation attempt wasn’t a real thing.
Over on X, the number of people that claim that there was no assignation attempt because no shot was fired is batshit crazy.
I do love that Florida has decided to keep the investigation local and to hold on to their prisoner.
Read More
Wednesday was a good day, sort of. I was able to shut down my K8S cluster.
The amount of grief this new fangled thing has given me cannot be overstated.
Bluntly, most of the issues could have been resolved by throwing more money at the problem. K8S does work for large infrastructure solutions. The sort of infrastructure where you have 10+ nodes and each node has 32+ GB of memory.
What does this mean for Troglodite? We are moving sideways to a different type of infrastructure. This is built on more VMs but smaller.
“The” debate happened. It was the first presidential debate I’ve watched in years. I had to tune it out about 15 minutes in, when the referees tackled Trump for the second time. I.e., did a fact check and reported Trump lied when he had not.
It was the three on one that I had hoped not to see.
The number of manipulative things that were done to make Trump look bad.
His microphone was louder. This makes him sound more aggressive.
They were keeping his microphone muted after Kamala stopped talking, he started talking into a dead mic. A second or so later, his mic goes live, but it makes it sound like he is talking over Kamala when he is not.
They asked him questions that were phrased in the negative, they asked her questions phrased in the positive.
The fallout on the debate was surprising. Immediately after the debate, there were all the cheerleaders claiming that Kamala won and talking about how bad Trump was. Many claiming that the fact checking proved that Trump does nothing but lie.
This filled my X feed. More leftist noise than I normally see in a month, all in that first 5 hours.
But, the discussion has morphed into “How bad was ABC? Can we give them a -5 on a scale of 1 to 10?”.
Not just on the right, but CNN is holding up the ABC debate as proof they aren’t leftist. When you lose CNN, you are really messing things up.
Social media, thank you to all of those that are following Follow @vineofliberty.
It is sad, I check the number of followers I have a few times a day, looking for those triple digit follows.
More federal judges are twisting the words of the Supreme Court to get the outcomes they want. Most of those are ending up in court, and losing. Even the Ninth Circus is putting up (temporary) wins for The People.
Have a fantastic weekend!
This week has given me closure on several small projects, all working together to get the right results.
In the old days, each device on the Internet had its individual IP address, today, most devices share their IP address with thousands of other devices. Instead, entire locations hide behind a single IP address.
This is performed with the magic of Network Address Translation (NAT).
To make everything work, I had to have external DNS servers provide the address of a firewall that just happens to perform NAT as well.
That firewall had to be configured to forward allowed ports to a load balancer (HAProxy). Each port of interest being properly configured in the load balancer. The load balancer forwards the traffic to a reverse proxy (Traefik) running a docker swarm over a ceph file system.
Each service within the swarm must be configured within the swarm. The swarm just be configured for networking.
All of this is supposed to “just work”.
It is all working now. Not because it just works. The magic was to start inside a docker container, close to the service, verify that service, then move outward.
Along the way, the local DNS server had to provide overrides so that the firewall didn’t have to do hairpin configurations for each port.
For testing purposes, we had to set up an internal ACME server, which is working wonderfully.
The Vine of Liberty now lives on this new infrastructure. There are only a few more pieces to move, and I will be done with k8s.
My father passed on Wednesday, September 4th, 2024. He joins my mother, who passed earlier this year.
Even though I am over 60, this is hitting me hard. My entire life, I have felt able to reach for my dreams, to risk so much because I knew my parents were there as a safety net.
It appears that my parents created a financial safety net for their grandchildren and children, we are working through the family trauma to make sure everything works out “right”.
We are still looking for somebody to do engagement farming on X/Twitter. If you are interested, please contact me.
It has taken me a while to realize that this is my site now. In the past, I left the politics to Miguel and J.Kb. I have decided to post a few more political articles.
Have a fantastic weekend!
The blog has now been moved to a temporary server. I hope that it will be more stable. I have to move the citation server. Once that is moved, GFZ and Vine Of Liberty will be free of K8S.
I have a few other websites to move, but I am making great progress.
In the Supreme Court of Mass acutes, we had a Second Amendment win. They found that knives are arms under the plain text of the Second Amendment. As such, it was the government’s burden to show that the current regulation, a ban on switch-blade knives, was consistent with this Nation’s historical tradition of firearms regulations.
The state did not meet their burden, the law is facially unconstitutional.
There have been a few more wins at the district court level.
In many circuits, the district judges are applying Bruen faithfully. This led to a cascade of wins for the Second Amendment.
It is at the circuit court level where most of the clown show exists. The Fourth, Ninth, Seventh, and Second come to mind.
Answering the question of the fastest way from sheep to cap, socks or tunic. The answer is to knit them. It is but a short time to get from clean fleece to yarn suitable for knitting with.
The comments are of course open.
The DNC held their convention this week. The level of hypocrisy exceeds even my expectation.
The left attacked Trump’s kids, Bush’s kids, Palin’s kids. It was always “OK”. Some idiots on the right pointed at Walz’s kid, and the left is having a meltdown over how evil Republicans are.
I don’t remember walls around the RNC. They have walls around the DNC and hotels where attendees are staying. Besides the business owners that boarded up their stores for the week because of “mostly peaceful riots”, there are businesses that are inside the DMZ where people can’t go without IDs. They are losing money.
The lies are never ending. Policies are still unstated. And Kamala promises to fix all the issues on day 1. Issues that she and the Muppet that is residing in the White House haven’t fixed in the last 3.5 years.
I’ve started to dig through some of the cases that have been going on. It has been hard as I’ve been in “learning mode” for the last two months, interrupted by trips home to see my father.
Dad is back in intensive care. My brother doesn’t think he will make it to Christmas. That will be hard.
Thank you to everybody who is still here. It is a bit disheartening to see how many people no longer visit regularly.
So again, thank you.
We are currently looking for somebody to social engagement on X. The auto post doesn’t work, and the share doesn’t seem to put the image or anything else interesting.
I think there are maybe 4 followers of @vineofliberty on X at this point.
If you are interested, please reach out to us at AWA@vineofliberty.com
If you were one of the regulars and are just stopping by, please leave a comment as to what caused you to leave. I know we aren’t Miguel nor J.Kb.
Have a great weekend!
Welcome to the weekend!
We’ve made it through another week.
I think the biggest thing I’ve heard to-date is simply this: We need to focus on the candidates for president, not their VPs.
JD Vance is a better candidate than Walz, by far. No matter how much of a scumbag Walz might be, we need to focus on policy.
Kamala has not given an interview in 27 days? She has failed as VP, we need the people to know that she will fail as president.
There have been a couple of wins for the 2nd over the last week. Things are starting to break free. I think that one of the most significant changes in the circuit courts has been the dissenting judges being willing to stand up and call out the rogue judges for stomping on The People.
I’m working on decommissioning my Kubernetes cluster. I’ve already torn down the local “test” version. The cost is too high for the benefits.
The number of “supporting” containers is ridiculous. Each container takes a bit of memory. These containers suck the memory from the host nodes, causing instability.
As an example, there are three containers that run constantly to handle SSL certificates. They are needed once every 90 days per certificate and once when a new certificate is needed. That’s a bit of resources for something that isn’t really needed constantly. There are 23 running as k8s command and control.
I’m moving back to old school stuff.
The comments are open, let us know your thoughts.
Olympic “trans” controversy where we lost. The boxer in question isn’t trans. She might be cheating. But we lost because the facts are not in our favor.
We had a great opinion from an east coast federal judge. The gist? “I hate Bruen, I’ve worked hard to find something that would allow me to find for the state. I couldn’t. AR-15s in particular can’t be banned. This doesn’t apply to other ‘assault weapons’ nor does it apply to magazine bans.”
Rahimi is being used by the state as an “everything goes” but the courts aren’t really buying it unless they were already in the anti-gun camp.
Thanks again for my grammar checkers. I don’t take offense and I will continue to attempt to do better.
This has been a week of Rants.
There are things happening on the legal front. I need to go read those cases and digest them.
Ally has been doing a fantastic job getting good articles out, with good engagement. Thank you, all.
For those giving me feedback on grammar, thank you. It is very helpful. I do have some tools that help, but they are not perfect.
I hope you all have a great weekend.